Opened 8 years ago
Closed 8 years ago
#3516 closed Bug (Fixed)
Specify types of parameters of _Crypt_EncryptData
Reported by: | Sponge Jhan | Owned by: | Jpm |
---|---|---|---|
Milestone: | 3.3.15.1 | Component: | Documentation |
Version: | 3.3.15.0 | Severity: | None |
Keywords: | _Crypt_EncryptData | Cc: |
Description
The input $vData and $vKey of _Crypt_EncryptData must be bytes rather than other types.
However, the documentation in [1] and AutoIt.chm both don't explicitly specify this.
StringEncrypt function in [1] also cannot decrypt encrypted non-ASCII characters correctly, such as Chinese, because it doesn't call StringToBinary in advance.
[1] https://www.autoitscript.com/autoit3/docs/libfunctions/_Crypt_EncryptData.htm
Attachments (0)
Change History (5)
comment:1 follow-up: ↓ 3 Changed 8 years ago by Jpm
- Component changed from Standard UDFs to Documentation
comment:2 Changed 8 years ago by jchd18
Sidenote: strings really should be converted to UTF8 before encryption and back from UTF8 after decryption, so that portability is achieved in all use cases (non-codepage chars in plaintext string or different codepages between encryption and decryption machines).
Maybe the doc should mention that and perhaps give a multi-lingual example (e.g. plaintext = "Hello! ជំរាបសួរ! Allô! Привет! 您好!مرحبا! હેલો! שלום! こんにちは!").
comment:3 in reply to: ↑ 1 Changed 8 years ago by Sponge Jhan
Replying to Jpm:
Can you provide a repro script so I can verify what should be done in the doc?
Thanks
Please run the code at the end of this comment.
I do the same as the documentation, encrypting without explicit StringToBinary call and
decrypting with BinaryToString using default encoding.
My machine reports 59/56 for two lengths.
Thanks!
#include <Crypt.au3>
#include <MsgBoxConstants.au3>
$plaintext = "Hello! ជំរាបសួរ! Allô! Привет! 您好!مرحبا! હેલો! שלום! こんにちは!"
$ciphertext = _Crypt_EncryptData($plaintext, "test", $CALG_RC4)
$result = BinaryToString(_Crypt_DecryptData($ciphertext, "test", $CALG_RC4))
MsgBox($MB_OK, "Result", $result & @LF & _
"Length original: " & StringLen($plaintext) & @LF & _
"Length after decryption: " & StringLen($result))
comment:4 Changed 8 years ago by Jpm
Thanks,
I was figuring out your pb.
As thre is no way to be sure that input data can be decrypted if internal conversion is done during encryption. It is the use responsability do do it.
I will chnge the doc to reflect what has to be done.
see the following example to do the right handling
#include <Crypt.au3> #include <MsgBoxConstants.au3> #include <StringConstants.au3> Local $sPlaintext = "Hello! ជំរាបសួរ! Allô! Привет! 您好!مرحبا! હેલો! שלום! こんにちは!" Local $dPlaintextUTF8 = StringToBinary($sPlaintext, $SB_UTF8) ; Convert to Binary string converting Unicode char as UTF8 ;~ $dPlaintextUTF8 = $sPlaintext ; If Uncommented willshow why UTF8 conversion is needed Local $iAlgorithm = $CALG_3DES Local $g_hKey = _Crypt_DeriveKey("CryptPassword", $iAlgorithm) Local $dEncrypted = _Crypt_EncryptData($dPlaintextUTF8, $g_hKey, $CALG_USERKEY) ; Encrypt the text with the new cryptographic key. Local $dDecrypted = _Crypt_DecryptData($dEncrypted, $g_hKey, $CALG_USERKEY) ; Decrypt the data using the generic password string. The return value is a binary string. Local $sDecrypted = BinaryToString($dDecrypted, $SB_UTF8) ; Convert the binary string using BinaryToString to display the initial data we encrypted. If $sPlaintext = $sDecrypted Then MsgBox($MB_SYSTEMMODAL, "Decrypted data", $sDecrypted) Else MsgBox($MB_SYSTEMMODAL, "BAD Decrypted data", $sPlaintext & @CRLF & "-->" & @CRLF & $sDecrypted) EndIf
comment:5 Changed 8 years ago by Jpm
- Milestone set to 3.3.15.1
- Owner set to Jpm
- Resolution set to Fixed
- Status changed from new to closed
Fixed by revision [11822] in version: 3.3.15.1
Guidelines for posting comments:
- You cannot re-open a ticket but you may still leave a comment if you have additional information to add.
- In-depth discussions should take place on the forum.
For more information see the full version of the ticket guidelines here.
In fact the doc say implicitly that the parameters are variants ($v*) so it is the user responsability to give string or binary.
I understand that for chinease "characters" it seems better to use Binary as the AutoIt strings (UCS2) is not enough to handle all Chinese "characters"
Can you provide a repro script so I can verify what should be done in the doc?
Thanks